simple_format - Prevent too much escaped html

padrino-helpers/lib/padrino-helpers/format_helpers.rb

@@ -78,7 +78,7 @@ def strip_tags(html)
       def simple_format(text, options={})
         t = options.delete(:tag) || :p
         start_tag = tag(t, options, true)
-        text = escape_html(text.to_s.dup)
+        text = escape_html(text.to_s.dup) unless text.html_safe?
         text.gsub!(/\r\n?/, "\n")                      # \r\n and \r -> \n
         text.gsub!(/\n\n+/, "</#{t}>\n\n#{start_tag}") # 2+ newline  -> paragraph
         text.gsub!(/([^\n]\n)(?=[^\n])/, '\1<br />')   # 1 newline   -> br

padrino-helpers/test/test_format_helpers.rb

@@ -29,6 +29,16 @@ def setup
       assert_equal "<p class=\"description\">Look me! A class!</p>", actual_text
     end
 
+    should "escape html tags" do
+      actual_text = simple_format("Will you escape <b>that</b>?")
+      assert_equal "<p>Will you escape &lt;b&gt;that&lt;&#x2F;b&gt;?</p>", actual_text
+    end
+
+    should "support already sanitized text" do
+      actual_text = simple_format("Don't try to escape <b>me</b>!".html_safe)
+      assert_equal "<p>Don't try to escape <b>me</b>!</p>", actual_text
+    end
+
     context 'wrapped in a custom tag' do
       should "format simple text into html format" do
         actual_text = simple_format("Here is some basic text...\n...with a line break.", :tag => :div)